I received a fax today. Now, that may not be worthy of noting on here, apart from the fact that I hardly ever receive faxes these days. But the interesting fact is that it was sent to my US based fax number and offered me a great deal on a "New Health Plan" for only

[Part 5 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Trust People, Not Addresses Don’t trust unsolicited files or embedded links, even from friends. It’s easy to spoof email addresses, for instance,

Well, I'm pretty sure I've been seeing spam for a bit more than ten years, as has CAUCE (Coalition Against Unsolicited Commercial Email) in its various incarnations. However, the blog by Neil Schwartzman that was put up yesterday at http://www.cauce.org/archives/155-This-Decade-in-Spam.html#extended covered only the notable events of the last decade. Which was indeed eventful enough. In fact, it turns

Here's another conference paper we've put up recently on the white papers page at http://www.eset.com/download/whitepapers.php. "Whatever Happened to the Unlikely Lads? A Hoaxing Metamorphosis" by David Harley and Randy Abrams, was presented at the 19th Virus Bulletin Conference in Geneva in 2009, The paper was first published in Virus Bulletin 2009 Conference Proceedings. Copyright is

Now that the end-of-year security conference season is winding down, we're able to start making available some of the presentations and papers that we've been building up in the past few months, but haven't been able to make publicly available ahead of the events for which they were written. We've already made available a slide

I was quoted last month in an article at PC Retail (http://www.pcr-online.biz/features/305/The-truth-about-cyber-crime), which is nice. However, I just came across the notes I made at the time of the original enquiry/interview, most of which wasn’t used, so here are my full responses to the questions Andrew Wooden asked, in case they’re of interest. (Actually, they’re slightly expanded and I’ve

So, in case you were wondering about the progress of my abuse report to Yahoo!, I did indeed get a response within 48 hours, thanking me for my communication, assuring me that they’d investigate, and informing me that they wouldn’t be letting me know about the outcome of that investigation, as they don’t disclose information about

There’s nothing particularly new about Yahoo! group spam (no, wait, don’t go yet!) and I haven’t wasted much time on it so far, as what I’ve seen is pretty crude But I’ve been noticing an increasing number of emails to one of my most visible accounts welcoming me to groups with random names: stuff like

We know that spam works: well, it works well enough for spammers to keep devoting time and money into pumping sewage into the arteries of the internet. The interesting question is why does it work? The Messaging Anti-Abuse Working Group (MAAWG), a global coalition of network operators and messaging providers who do some vital work

Sebastián Bortnik, at ESET Latin America, kindly translated a blog they put up today here and allowed us to reproduce it for our blog. I think you’ll find it interesting. Thanks, Sebastián! The revival of the spread of the Waledac trojan is already a fact. As the ESET team announced on Thursday, on Friday spam emails